CVE-2013-4554
Published: 24 December 2013
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
Notes
| Author | Note |
|---|---|
| mdeslaur | This is XSA-76 Xen 3.0.3 and later are affected |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
xen Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Released
(4.1.5-0ubuntu0.12.04.2)
|
|
| quantal |
Released
(4.1.5-0ubuntu0.12.10.2)
|
|
| raring |
Released
(4.2.2-0ubuntu0.13.04.3)
|
|
| saucy |
Released
(4.3.0-1ubuntu1.2)
|
|
| upstream |
Needs triage
|
|
| Binaries built from this source package are in Universe and so are supported by the community. | ||
|
xen-3.3 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
| Binaries built from this source package are in Universe and so are supported by the community. | ||